CSR vs. ESG: What is the difference?

VinciWorks ESG survey results

Now more than ever, companies are expected to have a positive impact on society and the planet. Customers are increasingly considering sustainability in their purchases, with upwards of 75% of millennials reporting they do so. Investors also expect companies to understand these issues, with the value of sustainable fund assets doubling over the last two years to $2.7 trillion according to Morningstar.

But addressing these stakeholders and attempting corporate sustainability can be an alphabet soup of different terms, topics, and targets. Two of the most common buzzwords are CSR and ESG. While they are often used synonymously, CSR and ESG are distinct concepts. In this article, we will explore their definitions, whether we need both, and how they are evolving.

ESG vs. CSR: Differences, definitions and examples

What is CSR?

Despite its recent popularity, Corporate Social Responsibility (CSR) is not a new concept. With roots in the welfare movements of the Industrial Revolution, the term “CSR” was coined by American economist Howard Bowen in 1953. Since then, the concept has grown and evolved, becoming an essential strategy for many companies by the 2000s.

According to the UN Industrial Development Organization (UNIDO), CSR is a “management concept whereby companies integrate social and environmental concerns in their business operations and interactions with their stakeholders…[balancing] economic, environmental and social imperatives.” Essentially, CSR is what a company does to have a positive impact on the world beyond profit making.

What are examples of CSR?

CSR varies widely among companies, with some opting only for philanthropy and others overhauling their business models to be carbon neutral. The right CSR approach depends on the company’s goals, capacity, and stakeholders, and as such, can evolve over time.

Some examples of CSR activities include:

  • Improving the longevity and recyclability of products
  • Sourcing 100% renewable energy
  • Employee volunteer days
  • Donating food or products to charity partners
  • Enhancing workplace equity with accessibility or flexible work accommodations

While CSR can help the environment and society, its diversity means it is largely self-regulated. Therefore, it is difficult to measure and uphold accountability. Unfortunately, this has led to concerns of greenwashing or false and exaggerated claims of a company’s impact. Additionally, when CSR initiatives are not related to a company’s core business, it can seem like a band-aid solution to real environmental or social issues.

What is ESG?

The CSR data gap is addressed with ESG, which stands for “Environmental, Social and Governance”. Popularised with the launch of the UN Principles for Responsible Investment (UNPRI) in 2006, ESG is the measurement and assessment of a company’s sustainability performance.

Its goal is to capture the inherent environmental, social, and governance-related risks to the company’s operations. ESG involves measuring the material aspects of a business, setting targets to improve performance, tracking progress against those targets, and reporting externally.

What are Examples of ESG?

ESG covers many facets of the business, from operations to human resources to data security. The scope changes based on the company and what it considers material. For example, emissions from business travel would be relevant for a multinational consulting firm but would not be important for a local waste hauler. 

As such, ESG is representative of the business and its interactions with the environment, people, and management. Some examples of the measurements taken and the targets set for each pillar include:

EnvironmentalSocialGovernance
MeasurementEnergy usage and the percentages from renewable or fossil fuel sourcesThe percentage of women in senior leadership positionsThe percentage of employees who participated in compliance training
TargetIncrease the percentage of renewable energy sources from 25% to 75% by 2030Achieve gender parity in the C-Suite by 2025Establish a confidential hotline to report suspected compliance breaches

This information is usually measured and reported according to a standard, such as GRI or SASB. It is then used by investors and other stakeholders to gain a more holistic view of a company and its relationship to the environment and society.

So, what’s the difference between ESG and CSR?

CSR and ESG are distinct concepts, but they are interconnected. In short, CSR is what a company does to have a positive impact in the world, and ESG makes those efforts measurable. CSR activities vary widely between companies and sectors, making it nearly impossible to compare and assess a company’s performance. ESG aims to fill this gap with standards and metrics. 

Should Businesses Consider Implementing CSR and ESG?

As the number of concerned customers and investors grows, companies should be prepared to show how they are responding to social and environmental challenges. CSR and ESG provide models to demonstrate that response. 

Many companies may already have CSR in some form, but formalising it has many benefits. For example, developing a CSR model helps a company report its efforts to employees and other stakeholders, such as customers and the local community. This can improve the brand’s reputation, customer trust, and employee retention.

Additionally, ESG can provide more legitimacy to a company’s reporting with standards and metrics. ESG is especially relevant for companies seeking public or private investment to demonstrate how ESG risk is managed. Even without seeking investment, ESG provides all companies with the tools to quantify their impact and progress over time.

Together, CSR and ESG can provide a well-rounded approach to corporate sustainability and address the growing number of concerned investors, employees, and customers.

Looking ahead to the future of corporate sustainability

A few years ago, CSR was the gold standard of how a business should operate in society. However, the inherent lack of transparency and assurance made many question its validity. ESG aimed to provide this validity and legitimise corporate sustainability efforts. Nonetheless, there are criticisms of ESG as well, such as continued greenwashing, especially in the environmental area.

The world of corporate sustainability is changing rapidly, and these two concepts will continue to evolve as we learn more about what it means to be a responsible business in the 21st century. What is most important is to understand CSR and ESG in the context of the business, what responsible business conduct looks like, and how it can be transparently measured and improved.


VinciWorks’ end-to-end ESG solution

We are on a mission to make ESG accessible and actionable. With deep expertise in implementing board-level enterprise risk management and compliance, our ESG solution brings together consultancy and software to help organisations implement a practical and effective ESG programme.

Our tool will help your business:

  • Identify your ESG risks and opportunities
  • Set ESG goals
  • Build an ESG roadmap
  • Share progress with stakeholders

Want to learn more? Complete the short form below to get in touch.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.